The only explanation I heard was that they wanted to prevent people using consumer DSL for such nefarious purposes as running publicly available servers (nevermind the rather restricted uplink speed machine this hard at any scale anyway), so this was their way of forcing you to get a new IP address every 24h. Of course, services such as dyndns quickly jumped in to fix that problem.

Yeah, I have a two-word last name. It sometimes gets smushed together by the airlines, but they're inconsistent about it.

Lufthansa for example does this in a particularly annoying way, if I give my name as LAST NAME, it will automatically smush it to LASTNAME. However, if I then want to retrieve my boarding pass, it will only find my booking when I enter my name as LASTNAME, because the look-up does not smush things automatically.

But even then, Apple knows exactly which purchases it consolidated into which payment, making the entire process trivial again

Yes but you don't have access to Apple's database, and therein lies the problem. Apple might send you a receipt that itemizes these things, or it might not. If you're a business you're dealing with 1000 different Apples all of whom have different policies about how granular their receipts will be, each with a different mechanism for you to access those receipts, and each making receipts available at different times.

Meanwhile you need to do a reconciliation for your company at the end of every period (e.g. the end of every day, every week, etc.) and you don't have time to wait around for all those receipts to be collected.

I don't understand the problem this solves. At least in my experience each transaction on the bank statement has a reference to a business transaction attached (usually an invoice number). The amount of money that just lands on the account without a reference is negligible in comparison and usually easily manually associated.

Often banks will batch up transactions into a single one, and especially in a real-time market, that may not match what you expect.

For example lets say I ask you to sell 10 shares of Google if the price goes over $140 (this is typically called a limit order). Now your bank comes back and says the sold 2 shares at $140.02, 7 shares at $140.03, and 1 share at $139.77. Did they satisfy their obligation?

The answer is yes, but it's difficult to determine that, and you can't use exact math to do it easily. You expected $1400 from that sale, but you got $1400.02. Now do it again, but you have half a dozen orders at different prices. That's where it turns into the knapsack problem.

The problem is severely compounded when you look at why you're reconciling (it's to make sure your assets changed the way you expected, and fix things when it didn't). Often banks will drop a transaction, or add an extra one (these systems are annoyingly manual, and subject to error). How do you find the exact error and track it down? Especially when the trade happened, but you don't have the actual record of it, and your records show that it didn't.

Exactly. That's why I don't build the toy anymore: Too many broken promises of "Yes, we won't put it into production until it's ready", and then my team is left maintaining a system in production that had no business of ever being in production.

All the GPL says on source code access is that you need to make the source code available to whoever you distributed your program to. If the program never leaves a closed circle of people, neither does the source code.

I don't think the fact that it's sqlx or rust is really relevant. What you're describing is a problem and conflict of interest that's pervasive on open source, and that's what I thought worthy of discussing on hn.

I'm sorry that people seem to focus on your use of the word sorry, I read it to mean in the sense of "it's a shame that the world is how it is".

Yes that's what I meant.

The solution to this is of course to simply outlaw the use of communication systems that cannot be monitored by law enforcement. India has it, the EU is working on it, and I'm sure the US will do something like that as well.

solution to what exactly? to help hackers hack companies more efficiently?

To being able to surveil a country's citizens.

These super-anonymous communication technologies are touted time and again to solve the problem of a surveillance state, while they do nothing of the sort. You cannot solve a social problem with technology.

You think being able to surveil a country's citizens is a feature?

The point that was trying to be made was that it doesn’t matter how secure and unbeatable something is if a sovereign state wishes to simply criminalize its use. It can then utilize its full power to enact violence upon any S̵u̵b̵j̵e̵c̵t̵ citizen, who is caught using it.

Thanks for clearing that up.

But if a tool can be devised that no trace of its use can be found, there’s nothing such state can charge you of.

This tool clearly wants to be a step in that direction.

Did you even read the comment?

I wouldn’t reply otherwise

This doesn’t seem to be a response to the comment you’re replying to

Such as HTTPS?

> If you voluntarily walk into someones private shop, can you demand that the shop owner doesn't catalog that event?

Unless you know the shop owner, you would not be personally identified, and yes, in fact, it would be illegal to use technology that personally identifies you when you walk into a shop. The event that _somebody_ walked into a shop can be recorded.

> Is there an expectation of privacy while walking on the public street?

Insofar as no records are made of your movement, yes. It is illegal to record somebody else's presence in a public space, although fair use examples exist (in the background of a personal vacation photo, for example). There are zones with video surveillance, but those are generally clearly marked. The general expectation is that nobody who does not happen to be in the same place as you at the same time knows that you have been there.

That is, in very broad strokes, the current legal situation in Germany pre-GDPR.

The principle is that people have the expectation that their movements in the public space aren't recorded. Anything that violates that expectation is problematic to straight illegal. I don't find that silly, quite the contrary.

I guess software that simply displays your name on a screen, but does not (identifiably) record that fact would be fine, though that would pose the question how the software would connect your face with your name - you would probably have to volunteer a photo for that to work.

Can shop owners in Germany not have surveillance cameras in their buildings? Unless you walk into the grocery store with a mask, you would then be on video and identifiable in some way.

In the US and the UK, almost every business of any value is recording you from the moment you walk in. At the very least, they likely have a camera on the cash register to deter theft. The UK is widely known to record public spaces with some videos being made of following people in London for miles.

Outside of your own home, privacy regarding your physical person is basically nonexistent except in a bathroom stall. In the US, it’s 100% legal to take photos of other people in public without their permission.

I think the barrier to provide the maximum amount of privacy for citizens in every aspect of their lives is too high in most of the modern world. There is simply no precedent for limiting the amount of data that is collected in public that will sway legislators across the world.

> Can shop owners in Germany not have surveillance cameras in their buildings? Unless you walk into the grocery store with a mask, you would then be on video and identifiable in some way.

They can, but you have to be informed of that fact. The business may only use the recordings to investigate a crime, it may not use it for anything else, and they have to be erased after a certain amount of time.

A country that's had both the Gestapo and the Stasi deserves some understanding about laws to prevent privacy infringement. It's not surprising that they're worried about it: they've seen what it can do.

You can, as I pointed out in that very sentence:

> It is illegal to record somebody else's presence in a public space, although fair use examples exist (in the background of a personal vacation photo, for example)

If you were to publish that photo, however, you have to get all identifiable persons' permission or make them unrecognizable. That extends to other information usable to identify somebody such as a readable license plate.

Given that the quoted sentence ends with _...although fair use examples exist (in the background of a personal vacation photo, for example)._ I assume your scenario would fall under this

Read the sentence you half-quoted a little bit further.

Doesn't anyone who walks into a shop more than once 'know' the staff? I recognised repeat customers when I worked in retail, even though I didn't know their names, and customised my service to them (e.g "how's the XXX you bought last time?"). That's illegal in Germany?

No, of course not. It's about making records.

Right. The +-suffix suffers from the same problem as the dots-don't-matter-policy: While some implementations use + as a separator between a mailbox name and a suffix, there is nothing in the RFC that encodes that, so different server implementations could just as well see + as a regular letter of the local part. Netflix has no choice but to treat james.h.fisher@gmail.com, jameshfisher@gmail.com and jameshfisher+netflix@gmail com as different email addresses. Really, to the left of the @, almost anything goes, and how an MDA maps the local part to a specific mailbox is completely up to the implementer.

As you point out, the only way around this email verification.